Fix PickleTest.GetReadPointerAndAdvance not to produce wild addresses while checking for overflows.

BUG=117704
TBR=willchan
Review URL: https://chromiumcodereview.appspot.com/9694034

git-svn-id: svn://svn.chromium.org/chrome/trunk/src@126413 0039d316-1c4b-4281-b951-d872f2087c98

1 files changed, 2 insertions, 6 deletions

diff --git a/base/pickle.cc b/base/pickle.cc
index a095e35..3b8e0ce 100644
--- a/base/pickle.cc
+++ b/base/pickle.cc
@@ -45,13 +45,9 @@ inline const char* PickleIterator::GetReadPointerAndAdvance() {
 }
 
 const char* PickleIterator::GetReadPointerAndAdvance(int num_bytes) {
-  const char* current_read_ptr = read_ptr_;
-  const char* end_data_ptr = read_ptr_ + num_bytes;
-  if (num_bytes < 0)
-    return NULL;
-  // Check for enough space and for wrapping.
-  if (end_data_ptr > read_end_ptr_ || end_data_ptr < current_read_ptr)
+  if (num_bytes < 0 || read_end_ptr_ - read_ptr_ < num_bytes)
     return NULL;
+  const char* current_read_ptr = read_ptr_;
   read_ptr_ += AlignInt(num_bytes, sizeof(uint32));
   return current_read_ptr;
 }